1 /* $OpenBSD: key.h,v 1.30 2010/04/16 01:47:26 djm Exp $ */
4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 #include <openssl/rsa.h>
31 #include <openssl/dsa.h>
33 typedef struct Key Key;
54 /* key is stored in external hardware */
55 #define KEY_FLAG_EXT 0x0001
57 #define CERT_MAX_PRINCIPALS 256
59 Buffer certblob; /* Kept around for use on wire */
60 u_int type; /* SSH2_CERT_TYPE_USER or SSH2_CERT_TYPE_HOST */
65 u_int64_t valid_after, valid_before;
80 void key_add_private(Key *);
81 Key *key_new_private(int);
83 Key *key_demote(const Key *);
84 int key_equal_public(const Key *, const Key *);
85 int key_equal(const Key *, const Key *);
86 char *key_fingerprint(Key *, enum fp_type, enum fp_rep);
87 u_char *key_fingerprint_raw(Key *, enum fp_type, u_int *);
88 const char *key_type(const Key *);
89 const char *key_cert_type(const Key *);
90 int key_write(const Key *, FILE *);
91 int key_read(Key *, char **);
92 u_int key_size(const Key *);
94 Key *key_generate(int, u_int);
95 Key *key_from_private(const Key *);
96 int key_type_from_name(char *);
97 int key_is_cert(const Key *);
98 int key_type_plain(int);
99 int key_to_certified(Key *, int);
100 int key_drop_cert(Key *);
101 int key_certify(Key *, Key *);
102 void key_cert_copy(const Key *, struct Key *);
103 int key_cert_check_authority(const Key *, int, int, const char *,
105 int key_cert_is_legacy(Key *);
107 Key *key_from_blob(const u_char *, u_int);
108 int key_to_blob(const Key *, u_char **, u_int *);
109 const char *key_ssh_name(const Key *);
110 int key_names_valid2(const char *);
112 int key_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
113 int key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
115 int ssh_dss_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
116 int ssh_dss_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
117 int ssh_rsa_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
118 int ssh_rsa_verify(const Key *, const u_char *, u_int, const u_char *, u_int);